Role Description Juicyway exists to fix the financial infrastructure that connects African businesses to the world. The Security and Infrastructure team protects Juicyway's technology, people, and products, prioritizing impact and building a security culture. - Lead the function of InfraSec to actively harden Juicyway's infrastructure. - Design and build security controls across every layer of the stack: - Physical hardware - Operating systems - Kubernetes - Networks - CI/CD pipelines - Hardening multi-cloud infrastructure end to end, including: - Network isolation - Secret management - Machine identity - Checkpoint encryption - Protect API services against common and emerging threats. - Secure and monitor the distributed workforce device fleet. - Partner with engineering teams to deploy security enhancements at scale. - Lead compliance work including PCI DSS and SOC 1 and 2. - Take a generalist approach to emerging workloads. - Build the security culture across the engineering organization. Qualifications - Deep expertise in cloud security — AWS and/or Azure. - Proven experience securing Kubernetes environments. - Solid track record with secret management, IAM, and access control at scale. - Hands-on experience with compliance frameworks; PCI DSS and SOC 1 and 2. - Strong analytical instincts. - Effective communication skills across technical and non-technical stakeholders. - Bonus: experience securing cryptocurrency systems; background in financial services; familiarity with endpoint protection tooling. Benefits - Competitive pay. - Meaningful equity at an early stage. - Real flexibility on hours, location, and work style. - A technical team that values security and listens to your input. Company Description Juicyway was started by Ife and Justin, processing their first transaction in November 2021. They aim to enable African businesses to make compliant global payments efficiently. - Vanguard of a new payments paradigm designed for Africans. - Addressing the high demand for foreign currency among African merchants. - Combating fragmentation and FX liquidity constraints in the payment system.

Overview CommIT Enterprises, Inc. is seeking an Information System Security Engineer (ISSE) to support government customer environments. This position is based in Charleston, SC but can be remote. This role blends handson cybersecurity engineering, security compliance support, and Risk Management Framework (RMF) activities with close collaboration across software development, DevSecOps, and system administration teams. The ISSE will work directly with the Information System Security Manager (ISSM) to ensure security controls, assessments, and authorization activities are executed effectively throughout the Software Development Life Cycle (SDLC). The position includes responsibility for supporting the Authorization to Operate (ATO) process within RAISE pipelines, reviewing security-related development artifacts, and evaluating CI/CD security outputs such as SAST, DAST, SBOMs, and CVSS scoring. As customer adoption of the RPOC platform grows, the ISSE will play a critical role in scaling security support and ensuring consistent, compliant implementation across all application teams. Established in 2001, CommIT is a Certified Veteran-Owned Small Business (CVOSB) providing innovative technical engineering and data science services. Our enterprise systems support includes the Department of Defense’s (DoD) GCSS-MC, CAC2S, TBMCS-MC, and the Department of Veteran’s Affairs’ (VA) telehealth communications. We offer acquisition management, systems engineering, Agile software development, cloud management, IT modernization, data analytics, cybersecurity, and training, including leading-edge DevSecOps, automated testing, and mobile application development. Responsibilities Your essential job functions will include but may not be limited to- - Support the ISSM in managing security requirements, documentation, and securityfocused engineering decisions throughout the SDLC, including Gitbased development workflows. - Review Merge/Pull Requests for security implications, control compliance, and adherence to secure coding and configuration standards. - Analyze CI/CD pipeline security outputs, including: – Static Application Security Testing (SAST) results – Dynamic Application Security Testing (DAST) results – Software Bill of Materials (SBOM) findings – CVSS scoring and vulnerability impact assessment - Support the execution and maintenance of the RAISE ATO pipeline, ensuring security control assessments align with mission and compliance requirements. - Assist in preparing, updating, and maintaining RMFaligned authorization documentation. - Perform continuous security monitoring activities and support incident response collaboration as needed. - Assist development, DevSecOps, and operations teams in interpreting security findings and determining secure technical paths forward. - Participate in technical discussions to ensure systems, functionalities, and updates integrate appropriate security controls. - Provide engineeringlevel troubleshooting related to security configurations, findings, and system behavior. - Contribute to the development and refinement of documentation for security processes, workflows, and compliance evidence. - Support audits, generate security artifacts, and prepare evidence packages as directed by the ISSM. - Scale support activities as customer adoption of the RPOC platform increases. Qualifications Required Experience and Education: - Master’s degree with 8 years of experience (or Bachelors with 10 years of experience) in Computer Science, Software Engineering, Computer Engineering, Mathematics or relevant field. Degree may be substituted with additional relevant industry experience and / or industry accepted training and certification. - Experience with SDLC, secure coding considerations, and security review of development artifacts. - Experience supporting ATO packages, RMF activities, or operational cybersecurity engineering roles is preferred. - Experience supporting DoD or federal enterprise systems - Familiarity with audit frameworks (RMF, NIST 800‑53, CMMC, etc.) - Knowledge of RPOC workflows, security requirements, and its role in the ATO/RAISE pipeline process - Experience reviewing or interpreting security outputs from CI/CD pipelines. - Understanding of secure software development practices, Git workflows, and DevSecOps tooling. - Strong analytical and communication skills for explaining security implications to technical and nontechnical stakeholders. - Ability to adapt quickly to shifting priorities and support multiple application teams as the environment scales. Security Requirements: - Secret Clearance with the ability to obtain a T5 - Security+ CE Equal Opportunity Employer: CommIT Enterprises, Inc. is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.

• Designing and building security controls across every layer of the stack; physical hardware, OS, Kubernetes, networks, and CI/CD pipelines - with sophisticated adversaries and insider threats as the design constraint • Hardening our multi-cloud infrastructure end to end, network isolation, secret management, machine identity, checkpoint encryption, the unglamorous work that keeps real money safe • Protecting our API services against common and emerging threats, from DDoS to the attacks that do not have names yet • Securing and monitoring our distributed workforce device fleet; endpoint protection and robust IAM for a team that moves fast across multiple markets • Partnering with engineering teams to deploy security enhancements at scale, embedding security into how we ship, not bolting it on after the fact • Leading our compliance work; PCI DSS, SOC 1 and 2, routine penetration tests with external auditors, and making sure we don't just pass them, we believe in them • Taking a generalist approach to emerging workloads, balancing deep security expertise with the broad technical range to adapt as the infrastructure evolves • Building the security culture across the engineering org, not by policing, but by making secure instincts the default

Company Description Who we are Moveworks is the Agentic AI Assistant platform that empowers the entire workforce. Our platform enables employees to converse with all of their business systems through natural language to quickly find answers and automate tasks. Powered by the world's most advanced LLMs, our proprietary models, and a sophisticated Agentic AI platform, we're transforming how work gets done by allowing AI to take initiative, streamline complex workflows, and continuously learn and adapt. Moveworks is trusted by over 5.5 million employees at more than 350 of the world’s largest companies, including 10% of the Fortune 500, to automate everyday tasks and streamline business operations. Recognized on the Forbes Cloud 100 and AI 50 lists, Moveworks was also named one of Fast Company’s 2025 Most Innovative Companies and Inc’s Best in Business, in the Best in Innovation category. Moveworks was also recognized at Microsoft’s 2025 Partner of the Year and in 2024, received the AI Breakthrough Award. In December 2025, Moveworks was acquired by ServiceNow, marking a pivotal milestone in our journey to create a single front door to work for all business systems. By combining ServiceNow’s leading workflow automation with Moveworks’ Reasoning Engine and natural language capabilities, we deliver the AI platform for every person and every workflow. Built to go beyond basic summaries to deliver meaningful business impact. Together, our AI acts across enterprise systems to turn conversations into completed work. By joining our team, you’ll be at the forefront of the AI transformation, backed by the global scale of ServiceNow and the agility of a high-growth company. We are looking for world-class talent to help us extend agentic AI to every employee across every corner of the business. Come join us! ServiceNow It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today — ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone. Job Description Do you think like an attacker when evaluating defenses? Are you motivated by emulating real world adversaries against mature environments? Join Moveworks’s Red Team as we continue to expand and sharpen our adversary simulation capabilities. Moveworks from ServiceNow is transforming how companies support their employees through AI. As a Senior Red Team Security Engineer, you will drive the next phase of our Red Team by executing high fidelity operations, modeling complex attack paths, and enhancing capabilities that reflect modern threat actors. You will work closely with the Blue Team to conduct Purple Team exercises and validate detection and response. You will evolve tradecraft in social engineering, malware development, and command-and-control, while driving operational consistency and scale through custom tooling and infrastructure. We’re looking for someone who leads through execution, brings strong technical instincts, and has a lasting impact on the team’s capabilities. You’ll take ownership of complex engagements, push into areas that require creativity and persistence, and consistently deliver high quality offensive work. You will also play a key role in raising the bar across the team by sharing knowledge, refining tradecraft, and helping others grow. What you get to do in this role: - Execute Red Team engagements by simulating advanced threat actors across a diverse attack surface, including enterprise endpoints, cloud infra, networks, and product/services. - Build, maintain, and scale custom tools and infrastructure to support and automate Red Team operations. - Develop sophisticated bypasses for security controls, such as Endpoint Detection and Response (EDR) and other monitoring solutions. - Lead social engineering initiatives, including the design and execution of phishing, vishing, and smishing campaigns to test initial access vulnerabilities. - Be a sparring partner with the SOC to test and improve detection and response capabilities. - Stay at the forefront of the industry by researching emerging threats and continuously evolving your offensive security skillset. - Design novel attack vectors and chain vulnerabilities creatively to achieve high-impact objectives. - Maintain an attacker’s mindset with the depth to dive into detailed analysis when needed. - Collaborate cross-functionally with Machine Learning, Search, Product, Infrastructure, Data, and Frontend teams to design and implement secure solutions. - Empower teams to make informed security-related decisions by documenting and presenting findings to both technical and executive audiences. Qualifications To be successful in this role you have: - 5+ years in Penetration Testing, Red Teaming, Vulnerability Research, and/or Application Security. - 3+ years of experience in Python, JavaScript, Golang, and C/C++. - Deep expertise in at least three of the following: macOS security, Linux security, Cloud security (AWS/GCP/Azure), Container security (Docker/Kubernetes), CI/CD pipeline security - Experience automating parts of the attacker lifecycle using AI. - Experience with Infrastructure as Code (IaC) tools like Terraform. - Proven ability to build long-lasting relationships with various teams. - Expert understanding of network security, application security, authentication, authorization, identity systems, encryption, and secure coding practices. - Ability to write and present findings for both technical and non-technical teams, including executive management. - Strong curiosity about engineering disciplines outside of your immediate expertise and a constant desire to learn. - Experience working in environments with compliance requirements like SOC2, HIPAA, ISO27001, FedRAMP, etc. - BS or higher in Computer Science or a related field. Additional Information Work Personas We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here. To determine eligibility for a work persona, ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service. Equal Opportunity Employer ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements. Accommodations We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact [email protected] for assistance. Export Control Regulations For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities. From Fortune. ©2025 Fortune Media IP Limited. All rights reserved. Used under license. - Employee Type: Regular - Region: AMS - North America and Canada - Work Persona: Flexible or Remote